Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Installs New Software Without Permission

Posted by kdawson on from the slipperiest-of-slopes dept.

Futurepower(R) writes "Even though I have Automatic Updates turned off, on August 28, 2007, between 3:49 and 3:51 AM PDT, Microsoft installed new files on my Windows XP computer." Nine files are updated on Vista and on XP SP1, a different set of on each, relating to Windows Update itself. Microsoft-watch.com's Joe Wilcox and ZDnet's Adrian Kingsley-Hughes confirm the stealth update.

11 of 760 comments (clear)

  1. And? by FoolsGold · · Score: 4, Interesting

    I'm pretty sure the EULA states somewhere MS can do this. You agree to it when clicking that little checkbox for accepting the license when installing the damn OS.

  2. What's the IP address? by frovingslosh · · Score: 3, Interesting

    It would be nice to know the IP address that is being contacted here. With that, automatic update could be turned off at the router/firewall. If you trust Microsoft you always get punished.

    --
    I'm an American. I love this country and the freedoms that we used to have.
    1. Re:What's the IP address? by frovingslosh · · Score: 3, Interesting

      Personally, I have the updates turned of on my legal copies of XP because I'm trying to stop stuff like the only time that I did accept the "security ipdate" and suddenly my hardware would no longer run Linux, although it worked fine before the update, and the Linux was on a CD (Knoppix). Before you say that software can't do that, understand that NICs have a small eeprom on them, so that the manufacturers can store unique MAC addresses in them. And in my case the eeprom could also hold some default settings for the NIC. Very strange that after a security update that Linux, which trusted the NIC default settings, no longer worked, and that XP apparently ignored the settings. And I can't think of any reason for a "security update" to modify my NIC eeprom. No more updates from those bastards again, not if I can block them.

      --
      I'm an American. I love this country and the freedoms that we used to have.
  3. What level of 'disabled' by quantum+bit · · Score: 5, Interesting

    I wonder if this still happens even if you have set the Automatic Updates service to 'Disabled' in services, rather than using the control panel applet which tells it not to update but still leaves the service running.

    Probably a good idea to disable the BITS service too.

    1. Re:What level of 'disabled' by dc29A · · Score: 3, Interesting

      I tried something like that with WMI when MOM agent (or was it SMS agent, can't recall) was eating up way too much CPU. I disabled WMI service. Reboot the machine, to my shock, WMI service was started despite being disabled. If MOM or SMS can do that, I am sure Windows Update could force start BITS even if it's disabled.

  4. Re:That's the last thing you want! by Pojut · · Score: 3, Interesting

    OK, so have a "test box". I myself have one. Guess what cable never get's plugged into it? That's right, the ethernet cable. If I'm doing something that requires the use of my in-house LAN, guess what gets unplugged....that's right, my connection to the outside world.

    It's not that difficult really...I find that having an isolated not-connected (not even to my internal network) windows 98 box is FANTASTIC for my older games...fuck DosBox, I'll just build a 200 dollar killer Win98 box.

    --
    Living With a Nerd
  5. omg hackers by deftcoder · · Score: 5, Interesting

    Why hasn't someone diff'd the files that were updated and dived into the disassembly and checked to see what was actually changed?

    Would be more informative than bitching about it...

    --
    Peace sells, but who's buying?
  6. They've *always* had the ability to pull.... by Anonymous Coward · · Score: 3, Interesting

    ...since Windows 95 even. It's part of the remote registry background process that facilitates the ability to read data from any file in the filesystem, not just only the registry files.

  7. Policy violation by NullProg · · Score: 5, Interesting

    Doesn't this violate every corporate network policy on the planet? What about the defense department?
    What if the one of the computers was monitoring a critical system and the stealth upgrade crashed the system?

    Isn't this a violation of Sarbanes-Oxley computer auditing requirements?

    Food for thought.
    Enjoy,

    --
    It's just the normal noises in here.
    1. Re:Policy violation by pointbeing · · Score: 3, Interesting

      ...What about the defense department?

      Present!

      I work for an agency under DoD and my machine was *not* updated. Perhaps corporate versions of XP are unaffected?

      --
      we see things not as as they are, but as we are.
      -- anais nin
  8. Re:Why? Re:Block it by mulvane · · Score: 4, Interesting

    If automatic updates is turned off, and the service is disabled, just how did MS know to send an update to the machine in the first place?